Privacy & Security  
June 2024 Edition

Editor's Note

Hi Insiders, Rhett here.

As you might have read in last month’s newsletter, our privacy and security expert, Cullen, is getting married and is currently taking a well-deserved break to celebrate! They’ll be back next month with your regularly scheduled programming. In the meantime, I’m here to ensure you can stay up-to-date with all the latest security and privacy news from around the web, such as Ticketmaster’s latest data breach, Google Chrome’s attempts to break ad blockers, and the mysterious infection of over 600,000 routers with malware.

Of course, if you have your own tips that you use to stay secure or you’ve found stories about scams and hacks that we didn’t include here, be sure to reach out at security@iphonelife.com.

Cheers!

Rhett Intriago,
Feature Writer at iPhone Life

In This Newsletter:

  • Top 3 Security Skills of the Month: What to practice based on the stories below.
  • Security Updates from Apple: What we know about Apple's security patches and updates.
  • Common Hacks, Scams, & Trouble: A selection of illustrative threats from the last month.
  • Latest from Around the Web: General privacy & security news for Apple enthusiasts.
  • Security Tip of the Month: Highlighting one of our daily tips to quickly help you secure your privacy.
 
Top 3 Security Skills of the Month

The majority of personal cyber-defense boils down to just a handful of practices and the discipline to maintain them.

  • Always use unique, strong passwords so that if your credentials appear in a data breach, hackers cannot use the same password to access your other accounts.
  • If you use Google Chrome, consider switching to a more privacy-focused browser like Firefox or Safari.
  • Install iOS 17.5.1 if you haven’t already, as this update fixes a problem that could bring back deleted photos.

For a complete list of our top security recommendations, view our course, Privacy & Security for Apple Enthusiasts in 2024, all included in your iPhone Life Insider subscription.

 
Security Updates From Apple

No updates since iOS 17.5.1

If you haven’t updated your iPhone to 17.5.1, be sure to do so as soon as possible. This update fixed critical vulnerabilities in both Apple Maps and Find My and also resolved a rare bug that caused photos that had experienced data corruption to resurface, even after being deleted.

 
Common Scams, Hacks & Trouble

Ticketmaster & Others Hit by Massive Data Breach

At the end of last month, Live Nation, owner of Ticketmaster, reported that it had “identified unauthorized activity within a third-party cloud database.” The result of this data breach is the exposure of data belonging to over 560 million users. A hacker group known as ShinyHunters has claimed responsibility for the attack.

ShinyHunters allegedly stole 1.3 terabytes of data, including customer names, email addresses, phone numbers, order details, and partial credit card numbers. Ticketmaster is now facing a class action lawsuit due to this breach.

The attack appears to be a part of a larger data breach of the cloud storage platform, Snowflake, of which Ticketmaster is a customer. According to WIRED, other impacted companies include Santander Bank, Advance Auto Parts, and LendingTree, though the size of these breaches is unknown. ShinyHunters allegedly obtained the data by infecting the personal computer of a Snowflake employee.

The Bottom Line: If you are a user of any of these services, especially Ticketmaster, be sure to update your passwords and enable multi-factor authentication where possible. To ensure maximum protection, be sure to use unique, strong passwords for every account so that when a breach happens, attackers cannot use the same password to access other accounts.

International Operation Takes Down Massive Botnet

The US Justice Department led a joint operation with law enforcement partners around the world to take down a massive botnet that infected over 19 million IP addresses and was responsible for cyber attacks worldwide. YunHe Wang, a 35-year-old People’s Republic of China national and St. Kitts and Nevis citizen-by-investment, was charged with deploying malware, as well as creating and managing a residential proxy service known as “911 S5.”

Wang’s malware was used to compromise millions of computers around the globe, and he then offered cybercriminals access to the infected machines for a fee, allowing him to amass millions of dollars. According to Attorney General Merrick B. Garland, 911 S5 “facilitated cyber-attacks, large-scale fraud, child exploitation, harassment, bomb threats, and export violations.” Wang has been arrested, and the 911 S5 botnet has been brought down. Garland has vowed to “unmask and arrest the cybercriminals who profit from this illegal activity.”

The Bottom Line: While you probably don’t need to worry about getting hacked by international cybercriminals, this operation shows that the world’s governments take cybercrime very seriously. It’s also a heartening example of the U.S. being able to rely on its allies around the world to coordinate the takedown of massive international cybercriminal conspiracies.

Ransomware Attack Brings Down Change Healthcare

Back in February, UnitedHealth Group-owned Change Healthcare was hit by a ransomware attack. While we reported on this in March, UnitedHealth has only now confirmed the details of the attack, which has resulted in the exposure of personal information, such as names, addresses, emails, social security numbers, driver’s license numbers, and more. Additionally, Change says that medical data, including insurance plans, billing, claims, and banking details, was stolen. However, the company says that this does not mean every customer has been impacted by the same level of exposure and that the type of data that was stolen may vary from person to person.

This breach led to outages of Change Healthcare’s systems across the country, which meant doctors and pharmacies could not file or process claims. This left many customers unable to get their prescriptions or forced to pay full price for them. UnitedHealth allegedly paid a ransom to prevent the data from being posted online and will begin the process of notifying all affected customers starting in July.

The Bottom Line: Not even health insurance companies are safe from cyberattacks. If you are a customer of Change Healthcare, be on the lookout for an email or a letter that indicates that you were affected by the breach. However, also be wary of scams that might try to take advantage of this attack. If your information is online, bad actors could use that information against you in phishing attempts or try to pressure you into paying them money. If you receive suspicious emails or phone calls, always double-check the sender or phone number to make sure they’re coming from a trusted source. A legitimate email will almost always come from an address at the company’s own website domain, not a Gmail, Yahoo, or iCloud address. In the case of phone calls, it’s always best to hang up and call the company back at an official phone number, like the one listed on Change Healthcare’s customer support page.

More than 600,000 Routers Brought Down by a Single Hacker

An unknown hacker managed to deploy a remote access trojan called Chalubo to more than 600,000 internet routers belonging to an unnamed ISP back in October 2023. Ars Technica identified the ISP as Windstream, based on reports that Windstream subscribers began to experience issues around the same time that the trojan was deployed. However, Windstream and Black Lotus Labs, the security firm that first reported the incident, have neither confirmed nor denied this.

The motivations of the attack are as mysterious as the hacker. No one knows who perpetrated this attack or why, but the result was over half a million internet routers being bricked, a state in which an electronic device ceases to function and becomes as useful as a brick. The ISP involved was quick to replace the routers of all affected customers, but many details of how the attack was carried out are still up in the air.

The Bottom Line: While this attack was widespread and affected a massive number of customers, you likely do not need to worry too much about this type of attack. If a repeat incident were to occur, the worst-case scenario likely means you will simply be without internet for a few days while the ISP sends out a new router. However, you should still exercise caution when browsing the web, only download files from trusted sources, and avoid entering login credentials on suspicious pages.

Tile Customer Data Falls into the Hands of Hacker

In an online chat with 404 Media, a hacker revealed that they gained access to an internal tool used by location tracker company Tile. This tool is designed to be used by employees and law enforcement to obtain the location of specific Tile devices. The tool can also be used to change ownership of Tile devices, create administrative users, or send push notifications to users. The hacker attempted to extort Tile for payment, but the company did not respond. Instead, Tile says the hacker accessed a customer support platform that “contains limited customer information, such as names, addresses, email addresses, phone numbers, and Tile device identification numbers. It does not include more sensitive information, such as credit card numbers, passwords or login credentials, location data, or government-issued identification numbers.”

The Bottom Line: If you’re a Tile user, this might be a good time to switch to Apple’s AirTags for the increased privacy and security. At the very least, I would still strongly recommend updating your password, even though Tile claims the hacker doesn’t have access to login credentials.

 
Latest from Around the Web

Microsoft Recalls Recall

After massive backlash to its AI-powered screenshot tool Recall, Microsoft is making changes to how this feature works. When it was first announced, Recall was to be enabled by default on all Copilot+ PCs, and the screenshots would be accessible to anyone else using your computer. Additionally, Recall would identify text in the screenshots and store it in plain text format, making it easy for hackers to access and view the text, including passwords, payment information, social security numbers, or any other text you enter online.

However, Microsoft is now changing Recall to be an opt-in feature. It will be turned off by default and require the user to enable it. You will also need to use Windows Hello to enable and use Recall, meaning you will need to authenticate with your face, fingerprint, or PIN. With this change, no one else will be able to access your Recall timeline and screenshots. All Recall data will remain private and on-device.

While these changes are certainly a step in the right direction, I still do not fully trust Microsoft to maintain its promise of security when it comes to this feature. I don’t have a Copilot+ PC, but I would definitely still not use this feature if I did. Any feature that takes screenshots of your activity is effectively spyware in my eyes, even if it’s from a reputable company like Microsoft.

The Bottom Line: Microsoft’s changes to Recall make the feature less controversial, but, in my opinion, the cons still far outweigh any benefit that Recall can offer. If you plan on purchasing a Copilot+ PC, I would strongly recommend leaving this feature disabled. Or better yet, avoid Copilot+ PCs altogether and stick with Mac or build your own personal computer.

Apple Dips Its Toes into the AI Pool

While Microsoft tries to invade your privacy with AI, Apple is trying to maintain it. At its Worldwide Developers Conference in June, Apple announced its latest operating systems, iOS 18, iPadOS 18, and macOS Sequoia. Alongside these announcements, it also showed off its brand new AI features, including generative text and images, writing tools for proofreading, a smarter Siri, and ChatGPT integration. Soon, you will be able to use all of these features across your iPhone, iPad, and Mac. I wrote up a more detailed look at what Apple Intelligence will be able to do if you’re interested.

However, with any AI-powered feature comes questions of privacy. AI models need to be trained on existing data, which is usually provided by the user. The more people who use an AI tool like ChatGPT, the smarter it becomes. Apple, with its reputation for privacy, had many wondering how AI would work on devices that have been designed with privacy and security in mind. Apple’s answer is that most AI processing will be performed on-device rather than going to the cloud, meaning your data stays private. In cases where a request is too complex for on-device processing, the request will need to be sent to a cloud server. Apple insists this process will stay private, too, using a new service called Private Cloud Compute.

Apple says Private Cloud Compute is “a groundbreaking cloud intelligence system designed specifically for private AI processing.” Private Cloud Compute runs on newly developed, dedicated Apple silicon servers, which process only the data relevant to your request and never store user data. Apple is so confident in Private Cloud Compute’s security that they are making the code publicly available so that independent security experts can verify its integrity.

In other instances, a request might be so complex that not even Private Cloud Compute will be able to handle it, and the request will fall back to ChatGPT for a more detailed response. In these cases, your iPhone will always ask for permission before sending the request to ChatGPT, ensuring you don’t inadvertently hand your data over to OpenAI.

The Bottom Line: Apple Intelligence will undoubtedly be one of the best AI tools on the market. The added bonus of privacy makes it much more appealing than ChatGPT, Google Gemini, or Microsoft Copilot. Apple’s reputation for privacy and security makes me confident that they’ll be able to uphold their commitment to keep Apple Intelligence private, but without more detailed information on how Private Cloud Compute works, I’m choosing to remain cautiously optimistic for now.

Google’s Crusade against Ad Blockers Begins

Earlier this month, Google began beta testing for Chrome version 127, which includes an update to Manifest V3, Chrome’s extension platform. Manifest V3 limits the functionality of ad blocker extensions, making it harder for users to block ads and maintain privacy around the web. Google claims that by implementing these limitations, Chrome will be less resource intensive and that the browser will be able to better protect your privacy since extensions will have fewer permissions than before. However, having fewer permissions also means users won’t be able to block ads like before. As Manifest V3 rolls out, you may notice your Chrome extensions stop working, and you will need to re-enable them. Google says Manifest V2 extensions will continue to work through June 2025 to give developers time to update to Manifest V3.

The Bottom Line: Chrome used to be my go-to browser, but in the last few years, I’ve found that I can no longer recommend it. This change to its extension platform is the nail in the coffin for me. If you value privacy and security and want a less resource-intensive browser, Firefox is the way to go. Alternatively, Safari and DuckDuckGo are also very good options for more privacy-focused web browsers.

An Update on Automotive Data Brokers

Back in March, we reported on how General Motors and other car manufacturers had been sharing data about customers’ driving habits with data brokers, who then sold the information to car insurance companies. Now, one such data broker, Verisk, has announced that it will no longer accept driving data from auto manufacturers and will also halt the sale of driving data to insurers. While this is certainly good news, drivers are not out of the woods just yet.

LexisNexis, another prominent data broker that was caught selling information about driving habits to car insurers, is continuing its practice of obtaining this data from the manufacturers and sharing it with insurance companies. It even promotes this practice on its website, presenting it as a benefit for insurers who wish to work with the broker.

The Bottom Line: Verisk is taking a step in the right direction, but data brokers are still out there selling your information to the highest bidder. As before, the only thing you can really do to combat this invasion of privacy is to uninstall any automotive companion apps if you have them, such as Honda’s Driver Feedback, Kia’s Driving Score, Chevy’s MyChevrolet, etc. And, of course, drive safely to avoid higher car insurance rates.

 
Security Tip of the Month

Securely Share Passwords with Friends & Family

If you and your family share certain accounts, like streaming services, sharing passwords is probably commonplace in your household. However, you should never text these passwords to each other. Thankfully, you now have the option to securely share passwords with iCloud Keychain. When creating your shared password group, you can select anyone to be a part of it. These can be people from your Family Sharing group or anyone from your Contacts list.

First, in the Settings app, scroll down and select Passwords. Tap the plus icon, and then choose New Shared Group. You can give your group a name and select Add People to add others to the shared password group. Select contacts or enter the phone number of anyone you want to add to the group. Tap Create, and you will then be prompted to choose which passwords from iCloud Keychain you want to share with the group. Tap Move when you are finished, and you will have created a password-sharing group! Keep in mind that any passwords that are a part of the group will be accessible to anyone in the group, so it’s best to only use this feature for shared accounts, like streaming services.

 
Mission Statement

There is far too much security and privacy news to cover it all. When building this newsletter, we look for scams, hacks, trouble, and news to illustrate the kinds of problems Apple enthusiasts may encounter in our private lives and the self-defense we can practice to keep our devices, accounts, and lives secure. Our commentary focuses on practical advice for everyday people. This month’s newsletter is written by me, Rhett Intriago, and edited by Donna Schill.

 
Copyright © 2025 Mango Life Media LLC. All Rights Reserved.